From 11e5d105e4a64bf8aead4adbef600f6584d7e27c Mon Sep 17 00:00:00 2001
From: Kendall Swarthout <kendallstrautman@gmail.com>
Date: Tue, 15 Oct 2024 14:03:21 -0700
Subject: [PATCH 1/5] Add `ProfileRole`

---
 .../kotlin/com/workos/common/models/Role.kt   | 14 +++++++
 .../kotlin/com/workos/sso/models/Profile.kt   |  7 ++++
 .../com/workos/sso/models/ProfileRole.kt      |  5 +++
 .../models/OrganizationMembershipRole.kt      | 13 +-----
 .../kotlin/com/workos/test/sso/SsoApiTest.kt  | 40 +++++++++++++++++++
 5 files changed, 68 insertions(+), 11 deletions(-)
 create mode 100644 src/main/kotlin/com/workos/common/models/Role.kt
 create mode 100644 src/main/kotlin/com/workos/sso/models/ProfileRole.kt

diff --git a/src/main/kotlin/com/workos/common/models/Role.kt b/src/main/kotlin/com/workos/common/models/Role.kt
new file mode 100644
index 00000000..27111e7a
--- /dev/null
+++ b/src/main/kotlin/com/workos/common/models/Role.kt
@@ -0,0 +1,14 @@
+package com.workos.common.models
+
+import com.fasterxml.jackson.annotation.JsonCreator
+import com.fasterxml.jackson.annotation.JsonProperty
+
+/**
+ * A unique user Role.
+ *
+ * @param slug The unique role identifier.
+ */
+data class Role @JsonCreator constructor(
+  @JsonProperty("slug")
+  val slug: String
+)
\ No newline at end of file
diff --git a/src/main/kotlin/com/workos/sso/models/Profile.kt b/src/main/kotlin/com/workos/sso/models/Profile.kt
index b097cb9b..fcf33397 100644
--- a/src/main/kotlin/com/workos/sso/models/Profile.kt
+++ b/src/main/kotlin/com/workos/sso/models/Profile.kt
@@ -2,6 +2,7 @@ package com.workos.sso.models
 
 import com.fasterxml.jackson.annotation.JsonCreator
 import com.fasterxml.jackson.annotation.JsonProperty
+import com.workos.sso.models.ProfileRole
 
 /**
  * Represents a WorkoS Profile resource. This class is not meant to be
@@ -16,6 +17,7 @@ import com.fasterxml.jackson.annotation.JsonProperty
  * @param email The user's email address.
  * @param firstName The user's first name.
  * @param lastName The user's last name.
+ * @param role The user's role based on group memberships.
  * @param groups The user's group memberships.
  * @param rawAttributes Object of key-value pairs containing relevant user data from the Identity Provider.
  */
@@ -55,6 +57,10 @@ data class Profile
   @JsonProperty("last_name")
   val lastName: String?,
 
+  @JvmField
+  @JsonProperty("role")
+  val role: ProfileRole? = null,
+
   @JvmField
   @JsonProperty("groups")
   val groups: List<String>?,
@@ -63,3 +69,4 @@ data class Profile
   @JsonProperty("raw_attributes")
   val rawAttributes: Map<String, Any>
 )
+
diff --git a/src/main/kotlin/com/workos/sso/models/ProfileRole.kt b/src/main/kotlin/com/workos/sso/models/ProfileRole.kt
new file mode 100644
index 00000000..8e34bd25
--- /dev/null
+++ b/src/main/kotlin/com/workos/sso/models/ProfileRole.kt
@@ -0,0 +1,5 @@
+package com.workos.sso.models
+
+import com.workos.common.models.Role
+
+typealias ProfileRole = Role
\ No newline at end of file
diff --git a/src/main/kotlin/com/workos/usermanagement/models/OrganizationMembershipRole.kt b/src/main/kotlin/com/workos/usermanagement/models/OrganizationMembershipRole.kt
index 709d1c1f..16c72f2c 100644
--- a/src/main/kotlin/com/workos/usermanagement/models/OrganizationMembershipRole.kt
+++ b/src/main/kotlin/com/workos/usermanagement/models/OrganizationMembershipRole.kt
@@ -1,14 +1,5 @@
 package com.workos.usermanagement.models
 
-import com.fasterxml.jackson.annotation.JsonCreator
-import com.fasterxml.jackson.annotation.JsonProperty
+import com.workos.common.models.Role
 
-/**
- * An organization membership role.
- *
- * @param slug The unique role identified.
- */
-data class OrganizationMembershipRole @JsonCreator constructor(
-  @JsonProperty("slug")
-  val slug: String
-)
+typealias OrganizationMembershipRole = Role
\ No newline at end of file
diff --git a/src/test/kotlin/com/workos/test/sso/SsoApiTest.kt b/src/test/kotlin/com/workos/test/sso/SsoApiTest.kt
index c02c0fd7..95107a60 100644
--- a/src/test/kotlin/com/workos/test/sso/SsoApiTest.kt
+++ b/src/test/kotlin/com/workos/test/sso/SsoApiTest.kt
@@ -172,6 +172,7 @@ class SsoApiTest : TestBase() {
           "id": "prof_01DMC79VCBZ0NY2099737PSVF1",
           "idp_id": "00u1a0ufowBJlzPlk357",
           "last_name": "Rundgren",
+          "role":{"slug":"admin"},
           "object": "profile",
           "organization_id": "org_01FJYCNTB6VC4K5R8BTF86286Q",
           "raw_attributes": {"foo": "bar"}
@@ -206,6 +207,7 @@ class SsoApiTest : TestBase() {
           "id": "prof_01DMC79VCBZ0NY2099737PSVF1",
           "idp_id": "00u1a0ufowBJlzPlk357",
           "last_name": "Rundgren",
+          "role":{"slug":"admin"},
           "groups":["Admins", "Developers"],
           "object": "profile",
           "organization_id": "org_01FJYCNTB6VC4K5R8BTF86286Q",
@@ -242,6 +244,7 @@ class SsoApiTest : TestBase() {
           "id": "prof_01DMC79VCBZ0NY2099737PSVF1",
           "idp_id": "00u1a0ufowBJlzPlk357",
           "last_name": "Rundgren",
+          "role":{"slug":"admin"},
           "object": "profile",
           "organization_id": "org_01FJYCNTB6VC4K5R8BTF86286Q",
           "raw_attributes": {"foo": "bar"}
@@ -255,6 +258,42 @@ class SsoApiTest : TestBase() {
     assertNull(profile.groups)
   }
 
+  @Test
+  fun getProfileAndTokenWithoutRoleShouldNotReturnRole() {
+    val workos = createWorkOSClient()
+
+    stubResponse(
+      url = "/sso/token",
+      requestBody = """{
+        "client_id": "clientId",
+        "client_secret": "apiKey",
+        "code": "code",
+        "grant_type": "authorization_code"
+      }""",
+      responseBody = """{
+        "access_token": "01DMEK0J53CVMC32CK5SE0KZ8Q",
+        "profile": {
+          "connection_id": "conn_01E4ZCR3C56J083X43JQXF3JK5",
+          "connection_type": "OktaSAML",
+          "email": "todd@foo-corp.com",
+          "first_name": "Todd",
+          "id": "prof_01DMC79VCBZ0NY2099737PSVF1",
+          "idp_id": "00u1a0ufowBJlzPlk357",
+          "last_name": "Rundgren",
+          "object": "profile",
+          "organization_id": "org_01FJYCNTB6VC4K5R8BTF86286Q",
+          "raw_attributes": {"foo": "bar"}
+        }
+      }"""
+    )
+
+    val profileAndToken = workos.sso.getProfileAndToken("code", "clientId")
+    val profile = profileAndToken.profile
+
+    assertNull(profile.groups)
+  }
+
+
   @Test
   fun getProfileShouldReturnPayload() {
     val workos = createWorkOSClient()
@@ -269,6 +308,7 @@ class SsoApiTest : TestBase() {
         "id": "prof_01DMC79VCBZ0NY2099737PSVF2",
         "idp_id": "00u1a0ufowBJlzPlk357",
         "last_name": "Rundgren",
+        "role":{"slug":"admin"},
         "object": "profile",
         "organization_id": "org_01FJYCNTB6VC4K5R8BTF86286Q",
         "raw_attributes": {"foo": "foo_value"}

From d53d5fce0e6695bf5dd3caeb9a6d4065abdee4c5 Mon Sep 17 00:00:00 2001
From: Kendall Swarthout <kendallstrautman@gmail.com>
Date: Tue, 15 Oct 2024 14:24:08 -0700
Subject: [PATCH 2/5] Format

---
 src/main/kotlin/com/workos/common/models/Role.kt                | 2 +-
 src/main/kotlin/com/workos/sso/models/ProfileRole.kt            | 2 +-
 .../workos/usermanagement/models/OrganizationMembershipRole.kt  | 2 +-
 src/test/kotlin/com/workos/test/sso/SsoApiTest.kt               | 1 -
 4 files changed, 3 insertions(+), 4 deletions(-)

diff --git a/src/main/kotlin/com/workos/common/models/Role.kt b/src/main/kotlin/com/workos/common/models/Role.kt
index 27111e7a..edead4e7 100644
--- a/src/main/kotlin/com/workos/common/models/Role.kt
+++ b/src/main/kotlin/com/workos/common/models/Role.kt
@@ -11,4 +11,4 @@ import com.fasterxml.jackson.annotation.JsonProperty
 data class Role @JsonCreator constructor(
   @JsonProperty("slug")
   val slug: String
-)
\ No newline at end of file
+)
diff --git a/src/main/kotlin/com/workos/sso/models/ProfileRole.kt b/src/main/kotlin/com/workos/sso/models/ProfileRole.kt
index 8e34bd25..c1f16a00 100644
--- a/src/main/kotlin/com/workos/sso/models/ProfileRole.kt
+++ b/src/main/kotlin/com/workos/sso/models/ProfileRole.kt
@@ -2,4 +2,4 @@ package com.workos.sso.models
 
 import com.workos.common.models.Role
 
-typealias ProfileRole = Role
\ No newline at end of file
+typealias ProfileRole = Role
diff --git a/src/main/kotlin/com/workos/usermanagement/models/OrganizationMembershipRole.kt b/src/main/kotlin/com/workos/usermanagement/models/OrganizationMembershipRole.kt
index 16c72f2c..27eec096 100644
--- a/src/main/kotlin/com/workos/usermanagement/models/OrganizationMembershipRole.kt
+++ b/src/main/kotlin/com/workos/usermanagement/models/OrganizationMembershipRole.kt
@@ -2,4 +2,4 @@ package com.workos.usermanagement.models
 
 import com.workos.common.models.Role
 
-typealias OrganizationMembershipRole = Role
\ No newline at end of file
+typealias OrganizationMembershipRole = Role
diff --git a/src/test/kotlin/com/workos/test/sso/SsoApiTest.kt b/src/test/kotlin/com/workos/test/sso/SsoApiTest.kt
index 95107a60..6cb98db6 100644
--- a/src/test/kotlin/com/workos/test/sso/SsoApiTest.kt
+++ b/src/test/kotlin/com/workos/test/sso/SsoApiTest.kt
@@ -293,7 +293,6 @@ class SsoApiTest : TestBase() {
     assertNull(profile.groups)
   }
 
-
   @Test
   fun getProfileShouldReturnPayload() {
     val workos = createWorkOSClient()

From 420b8765a41a1a77e793513bdd33825268686918 Mon Sep 17 00:00:00 2001
From: Kendall Swarthout <kendallstrautman@gmail.com>
Date: Tue, 15 Oct 2024 14:25:01 -0700
Subject: [PATCH 3/5] Update comment

---
 src/main/kotlin/com/workos/common/models/Role.kt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/main/kotlin/com/workos/common/models/Role.kt b/src/main/kotlin/com/workos/common/models/Role.kt
index edead4e7..e55457d2 100644
--- a/src/main/kotlin/com/workos/common/models/Role.kt
+++ b/src/main/kotlin/com/workos/common/models/Role.kt
@@ -4,7 +4,7 @@ import com.fasterxml.jackson.annotation.JsonCreator
 import com.fasterxml.jackson.annotation.JsonProperty
 
 /**
- * A unique user Role.
+ * A unique user role, used with organization memberships and profiles.
  *
  * @param slug The unique role identifier.
  */

From 1312c0e41312b91c95b7e416d576c73aaa583f88 Mon Sep 17 00:00:00 2001
From: Kendall Swarthout <kendallstrautman@gmail.com>
Date: Tue, 15 Oct 2024 14:28:56 -0700
Subject: [PATCH 4/5] Format

---
 src/main/kotlin/com/workos/sso/models/Profile.kt | 2 --
 1 file changed, 2 deletions(-)

diff --git a/src/main/kotlin/com/workos/sso/models/Profile.kt b/src/main/kotlin/com/workos/sso/models/Profile.kt
index fcf33397..c166613e 100644
--- a/src/main/kotlin/com/workos/sso/models/Profile.kt
+++ b/src/main/kotlin/com/workos/sso/models/Profile.kt
@@ -2,7 +2,6 @@ package com.workos.sso.models
 
 import com.fasterxml.jackson.annotation.JsonCreator
 import com.fasterxml.jackson.annotation.JsonProperty
-import com.workos.sso.models.ProfileRole
 
 /**
  * Represents a WorkoS Profile resource. This class is not meant to be
@@ -69,4 +68,3 @@ data class Profile
   @JsonProperty("raw_attributes")
   val rawAttributes: Map<String, Any>
 )
-

From 1dbbb40f78e90d819719dbc716e1ec275f7422cb Mon Sep 17 00:00:00 2001
From: Kendall Swarthout <kendallstrautman@gmail.com>
Date: Wed, 16 Oct 2024 15:09:40 -0700
Subject: [PATCH 5/5] assert null for role

---
 src/test/kotlin/com/workos/test/sso/SsoApiTest.kt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/test/kotlin/com/workos/test/sso/SsoApiTest.kt b/src/test/kotlin/com/workos/test/sso/SsoApiTest.kt
index 6cb98db6..10ea68fa 100644
--- a/src/test/kotlin/com/workos/test/sso/SsoApiTest.kt
+++ b/src/test/kotlin/com/workos/test/sso/SsoApiTest.kt
@@ -290,7 +290,7 @@ class SsoApiTest : TestBase() {
     val profileAndToken = workos.sso.getProfileAndToken("code", "clientId")
     val profile = profileAndToken.profile
 
-    assertNull(profile.groups)
+    assertNull(profile.role)
   }
 
   @Test